Magnetic strip debit and credit cards have long been the technology of choice for debit and credit transactions. As the use of debit cards and credit cards have grown throughout the world, criminals have worked harder to steal them. Further compounding the problem has been large-scale data breaches and increasing rates of counterfeit card fraud. Nearly 40 percent of credit and debit card fraud involves stolen account numbers that are used to create counterfeit cards and 20 to 30 percent of fraud involves “card-not-present” fraud, wherein account numbers are used for transactions online or by phone.
If a thief obtains an account-holder's account number and the three- or four-digit security code printed on the chip card, the thief can use that account-holder's account information for transactions online or by phone. Or if the account-holder loses their credit or debit card that contains a chip, there's nothing that prevents a thief from using the account-holder's card in a store. Current estimates are 30 to 40 percent of fraud involved lost or stolen cards or claims of fraud that actually involve the account owner.
A new debit and credit card technology referred to as an integrated circuit card (referred to herein as an “IC” card”) has been adopted by the industry to improve payment security and to make it more difficult for fraudsters to successfully counterfeit cards. Such cards include an integrated circuit on the card. One such card having a particular standard is managed by EMVCo, and thus these types of cards are commonly referred to as EMV cards. The Smart Card Alliance estimates that by the end of 2015 600 million account-holders will be using an IC card.
As the industry moves away from magnetic strip cards, retailers such as casinos are looking for new ways to offer more services using IC technology.
One key feature of an IC card relates to how the card chip creates a unique transaction code for each consumer action at a terminal (cash withdraw, cash advance, Point of Sale (POS)). A transaction cannot be used more than once. If a thief stole the chip information from one specific point of sale, card duplication would not work since the stolen transaction number created for a given transaction wouldn't be usable again and the transaction would just get denied.
However, the configuration of such integrated circuit cards is limiting to the user of the card, such as in successfully processing a request for funds.